4 files changed, 62 insertions, 10 deletions

diff --git a/app/policies/admin/status_policy.rb b/app/policies/admin/status_policy.rb
new file mode 100644
index 000000000..ffaa30f13
--- /dev/null
+++ b/app/policies/admin/status_policy.rb
@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+class Admin::StatusPolicy < ApplicationPolicy
+  def initialize(current_account, record, preloaded_relations = {})
+    super(current_account, record)
+
+    @preloaded_relations = preloaded_relations
+  end
+
+  def index?
+    role.can?(:manage_reports, :manage_users)
+  end
+
+  def show?
+    role.can?(:manage_reports, :manage_users) && (record.public_visibility? || record.unlisted_visibility? || record.reported?)
+  end
+
+  def destroy?
+    role.can?(:manage_reports)
+  end
+
+  def update?
+    role.can?(:manage_reports)
+  end
+
+  def review?
+    role.can?(:manage_taxonomies)
+  end
+end
diff --git a/app/policies/canonical_email_block_policy.rb b/app/policies/canonical_email_block_policy.rb
new file mode 100644
index 000000000..8d76075c9
--- /dev/null
+++ b/app/policies/canonical_email_block_policy.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+class CanonicalEmailBlockPolicy < ApplicationPolicy
+  def index?
+    role.can?(:manage_blocks)
+  end
+
+  def show?
+    role.can?(:manage_blocks)
+  end
+
+  def test?
+    role.can?(:manage_blocks)
+  end
+
+  def create?
+    role.can?(:manage_blocks)
+  end
+
+  def destroy?
+    role.can?(:manage_blocks)
+  end
+end
diff --git a/app/policies/ip_block_policy.rb b/app/policies/ip_block_policy.rb
index 1abc97ad8..8baf6ee2d 100644
--- a/app/policies/ip_block_policy.rb
+++ b/app/policies/ip_block_policy.rb
@@ -5,10 +5,18 @@ class IpBlockPolicy < ApplicationPolicy
     role.can?(:manage_blocks)
   end
 
+  def show?
+    role.can?(:manage_blocks)
+  end
+
   def create?
     role.can?(:manage_blocks)
   end
 
+  def update?
+    role.can?(:manage_blocks)
+  end
+
   def destroy?
     role.can?(:manage_blocks)
   end
diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb
index 134721f95..52cfd5050 100644
--- a/app/policies/status_policy.rb
+++ b/app/policies/status_policy.rb
@@ -7,10 +7,6 @@ class StatusPolicy < ApplicationPolicy
     @preloaded_relations = preloaded_relations
   end
 
-  def index?
-    role.can?(:manage_reports, :manage_users)
-  end
-
   def show?
     return false if author.suspended?
     return false if local_only? && (current_account.nil? || !current_account.local?)
@@ -33,17 +29,13 @@ class StatusPolicy < ApplicationPolicy
   end
 
   def destroy?
-    role.can?(:manage_reports) || owned?
+    owned?
   end
 
   alias unreblog? destroy?
 
   def update?
-    role.can?(:manage_reports) || owned?
-  end
-
-  def review?
-    role.can?(:manage_taxonomies)
+    owned?
   end
 
   private